
Blog

Data governance for regulatory compliance: lessons learned from NYDFS

This week marks six months since the last of three compliance deadlines for the New York State Department of Financial Services (NYDFS) Cybersecurity Regulations. As of March 1, 2019, many financial services firms operating in New York state are now required to abide by a new set of cybersecurity standards that dictate how they manage, share, and control access to data.

Strong Customer Authentication: A Vehicle for PCI-DSS Compliance

Payment services that operate electronically should adopt technologies that guarantee the safe authentication of the user and reduce, to the maximum extent possible, the risk of fraud. To achieve this, the European Union passed the Payment Services Directive (PSD) in 2007. The aim of this legislation is to regulate payment services and payment service providers throughout the European Union (EU) and European Economic Area (EEA).

What is log aggregation and monitoring relation in cybersecurity?

Logs are the cornerstone of today’s cybersecurity monitoring, investigation, and forensics. According to a Fortune 500 report, an organization’s IT infrastructure can generate up to 10 terabytes of log data per month. In this post, we will learn about log aggregation and monitoring, and then analyze how they can help businesses strengthen their cybersecurity posture.

What is Sensitive Data?

Sensitive data is information that must be protected against unauthorized access. Access to sensitive data should be limited through sufficient data security and information security practices designed to prevent unauthorized disclosure and data breaches. Your organization may have to protect sensitive data for ethical or legal requirements, personal privacy, regulatory reasons, trade secrets and other critical business information.

What is Personally Identifiable Information (PII)?

Personally identifiable information (PII) is data that could identify a specific individual. Information that can be used to distinguish one individual's identity from another's, or to deanonymize anonymous data, is also considered PII. While PII has several formal definitions, think of it as any information that can be used on its own or with other information to identify, contact or locate a particular person.